- This Week in Scams: $16.6 Billion Lost, Deepfakes Rise, and Google Email Scams Emerge | McAfee Blog
- Proof-of-concept bypass shows weakness in Linux security tools, claims Israeli vendor
- SAP NetWeaver customers urged to deploy patch for critical zero-day vulnerability
- Lenovo targets AI workloads with massive storage update
- Girls Power Tech Inspires the Next Generation of Tech Leaders
Tripwire Patch Priority Index for March 2024

Tripwire’s March 2024 Patch Priority Index (PPI) brings together important vulnerabilities for Microsoft, Google, and Apple.
First on the patch priority list are patches for Windows Kernel and Multiple Apple products. These CVEs (CVE-2024-21338, CVE-2024-23296, CVE-2024-23225) have been added to CISA’s Known Exploited Vulnerabilities (KEV) catalog.
Up next are patches for Microsoft Edge (Chromium-based) and Chromium that resolve use-after-free, out of bounds memory access, and inappropriate implementation vulnerabilities.
Next on the patch priority list this month is a patch for Microsoft Office that resolves an elevation of privilege vulnerabilities.
Next are patches that affect components of the core Windows operating system. These patches resolve over 40 vulnerabilities, including elevation of privilege, information disclosure, security feature bypass, denial of service, and remote code execution vulnerabilities. These vulnerabilities affect core Windows, Kernel, NTFS, UAS Protocol, Cloud Files Mini Filter Driver, ODBC Driver, Defender, Kerberos, and others.
Next up are patches for .NET, Visual Studio Code, and Azure Data Studio that resolve 2 elevation of privilege and 1 denial of service vulnerabilities.
Lastly, administrators should focus on server-side patches for Exchange Server, Dynamics, SharePoint, Hyper-V and Microsoft Django Backend for SQL Server. These patches several issues including remote code execution, cross-site scripting, and denial of service vulnerabilities.
BULLETIN |
CVE |
CVE-2024-21338, CVE-2024-23296, CVE-2024-23225 |
|
CVE-2024-2173, CVE-2024-2174, CVE-2024-2176 |
|
CVE-2024-26199 |
|
CVE-2024-26169, CVE-2024-21430, CVE-2024-21330, CVE-2024-21334, CVE-2024-21436, CVE-2024-26160, CVE-2024-21445, CVE-2024-21442, CVE-2024-21437, CVE-2024-26181, CVE-2024-21443, CVE-2024-26182, CVE-2024-26176, CVE-2024-26178, CVE-2024-26173, CVE-2024-26177, CVE-2024-26174, CVE-2024-26197, CVE-2024-21439, CVE-2024-26159, CVE-2024-21440, CVE-2024-26162, CVE-2024-21434, CVE-2024-26185, CVE-2023-28746, CVE-2024-21444, CVE-2024-21441, CVE-2024-26161, CVE-2024-21450, CVE-2024-26166, CVE-2024-21435, CVE-2024-20671, CVE-2024-26190, CVE-2024-21451, CVE-2024-21427, CVE-2024-21432, CVE-2024-21411, CVE-2024-21433, CVE-2024-26170, CVE-2024-21429, CVE-2024-21446, CVE-2024-21438, CVE-2024-21390 |
|
CVE-2024-21392 |
|
CVE-2024-26165 |
|
CVE-2024-26203 |
|
CVE-2024-26198 |
|
CVE-2024-21419 |
|
CVE-2024-21426 |
|
CVE-2024-21408, CVE-2024-21407 |
|
CVE-2024-26164 |